Tell me about your web applications.
A website with any inputs is a web application. That mostly static site with a blog probably has a contact form. If it’s a WordPress site, that contact form likely writes to a MySQL database.
Database, oh yeah.
That site probably pulls its content from a database, too. Yesterday I wrote about SQL injection and taking command of certain applications because user input isn’t validated enough on some sites to stop it.
Websites are frequently targeted and vulnerable.
Best to consider your organization a tech organization if any of the following apply:
🔑You’ve got a website
🔑You use email
🔑You use cloud services
🔑You use computers to connect and interact online
With that established, my best one-sentence advice to you is to consider cybersecurity regularly. At first (now – the rest of June) – determine your organization’s particular risks in being online and how likely each is to hinder your operations if unavailable.
At the same time, familiarize yourself with the tenets of cyber hygiene. I’ve built YouTube videos about those – short, “hey, consider this” type of videos.
Passwords. Password Manager. Multifactor authentication. Antimalware Software. Data backups. Updating and patching your machines and devices and the software that runs on them.
Learning how to detect fraud. (Understanding social engineering).
It’s great to be a tech organization. Protect it.
#smallbusinesscybersecurity#cyberhygiene#peoplecybersecurity
